The Untold Secrets Behind FragAttacks
Longer and more detailed presentation about FragAttacks for WAC4 (co-located with the CRYPTO’21 conference). For more info see 👉 https://www.fragattacks.com
▬ Contents of the presentation ▬▬▬▬▬▬▬▬▬▬
0:00 – Intro
2:47 – Aggregation attack
9:08 – Aggregation attack demo against MacOS
12:49 – Aggregation attack IPv4 packet construction
15:06 – Fragmentation background
17:46 – Mixed key attack
22:08 – Fragment cache attack
24:12 – Defenses
25:40 – Implementation flaw: plaintext injection
26:29 – Turning on and off a power socket
27:07 – Implementation flaw: cloacked A-MSDU flaw
29:33 – Remote exploiting an outdated Windows 7 machine
31:41 – Other implementation flaws
33:28 – Test tool & discussion
36:36 – Conclusion
▬ Extra info ▬▬▬▬▬▬▬▬▬▬
This presentation was made for the 4th Workshop on Attacks in Cryptography (WAC). This workshop is co-located with the CRYPTO’21 conference. The presentation is based on the paper “Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation”. This is not a hacking tutorial.
Additional information
Demonstration of flaws: https://youtu.be/4RmBZT-L1kY
Research paper: https://papers.mathyvanhoef.com/usenix2021.pdf
USENIX Security presentation: https://youtu.be/OJ9nFeuitIU
Test tool: https://github.com/vanhoefm/fragattack
by Mathy Vanhoef
linux dns configuration
